authenticate

src/server/core/authenticate.go

@@ -20,7 +20,8 @@ func Authenticate(session *mongo.Session, credential entity.LoginCredential) (en
 	); err != nil {
 		return entity.User{}, false, err
 	}
-	if CheckPasswordHash(credential.Password, authenticatedUser.LoginCredential.Password) {
+	hashedPassword := authenticatedUser.LoginCredential.Password
+	if CheckPasswordHash(credential.Password, hashedPassword) {
 		return authenticatedUser, true, nil
 	}
 	return entity.User{}, false, nil

src/server/core/authenticate_test.go

@@ -19,8 +19,9 @@ func init() {
 
 type AuthenticateTestSuite struct {
 	suite.Suite
-	session *mongo.Session
-	sp      *serviceprovider.Container
+	session           *mongo.Session
+	sp                *serviceprovider.Container
+	plainTextPassword string
 }
 
 func (suite *AuthenticateTestSuite) SetupSuite() {
@@ -31,18 +32,23 @@ func (suite *AuthenticateTestSuite) SetupSuite() {
 	suite.session = sp.Mongo.NewSession()
 	suite.sp = sp
 
+	suite.plainTextPassword = "@uthentic@te"
+
+	hashedPassword, err := HashPassword(suite.plainTextPassword)
+	suite.NoError(err)
+
 	user := entity.User{
 		ID: bson.NewObjectId(),
 		LoginCredential: entity.LoginCredential{
 			Email:    "[email protected]",
-			Password: "@uthentic@te",
+			Password: hashedPassword,
 		},
 		Username:    "John Doe",
 		FirstName:   "John",
 		LastName:    "Doe",
 		PhoneNumber: "091111l111",
 	}
-	err := suite.session.Insert(entity.UserCollectionName, &user)
+	err = suite.session.Insert(entity.UserCollectionName, &user)
 	suite.NoError(err)
 }
 
@@ -61,23 +67,21 @@ func TestAuthenticateSuite(t *testing.T) {
 func (suite *AuthenticateTestSuite) TestAuthenticate() {
 	CorrectCred := entity.LoginCredential{
 		Email:    "[email protected]",
-		Password: "@uthentic@te",
+		Password: suite.plainTextPassword,
 	}
-
 	user, passed, err := Authenticate(suite.session, CorrectCred)
 	suite.NoError(err)
 	suite.True(passed)
 	suite.Equal(CorrectCred.Email, user.LoginCredential.Email)
 }
 
 func (suite *AuthenticateTestSuite) TestFailedAuthenticate() {
+	hashedPassword, err := HashPassword("@uthentic@te")
 	WrongCred := entity.LoginCredential{
 		Email:    "[email protected]",
 		Password: "wrongPasswordOX",
 	}
-
-	user, passed, err := Authenticate(suite.session, WrongCred)
+	_, passed, err := Authenticate(suite.session, WrongCred)
 	suite.NoError(err)
 	suite.False(passed)
-	suite.Equal(WrongCred.Email, user.LoginCredential.Email)
 }